Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1455

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1455
Last Modified 21 Aug 2010 12:28:53
Published 19 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1455

Summary

Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash).

Vulnerable Systems

Application

  • Freeradius 1.0.2


References

BID - 13541

GENTOO - GLSA-200505-13

XF - freeradius-sqlescapefunc-bo(20450)

SECTRACK - 1013909

SUSE - SUSE-SR:2005:014

CONFIRM - http://www.freeradius.org/security.html

FULLDISC - 20050520 ERRATA: [ GLSA 200505-13 ] FreeRADIUS: SQL injection and Denial of Service vulnerability

REDHAT - RHSA-2005:524

Related Patches

Red Hat 2005:524-05 RHSA freeradius security update for RHEL 4 x86


Last Updated: 27 May 2016 10:40:10